package com.clouddrive;//导入必需的 java 库

import com.clouddrive.dao.impl.UserServiceImpl;
import com.clouddrive.service.UserService;

import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Arrays;

@WebServlet(value = "/MyCloud", name = "MainResponse")
public class DisplayHeader extends HttpServlet {

    private final UserService userService = new UserServiceImpl();

    public String[] userInformation = new String[4];

    // 处理 GET 方法请求的方法
    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
        response.setCharacterEncoding("UTF-8");
        PrintWriter out = response.getWriter();

        //进行数据读入
        Arrays.fill(userInformation, "");
        userInformation[0] = request.getParameter("Choice");
        userInformation[1] = request.getParameter("email");
        userInformation[2] = request.getParameter("usrname");
        userInformation[3] = request.getParameter("pwd");

        //ToDo:这里删掉就可以被XSS攻击了
        if(userInformation[2]!=null&&!userInformation[2].matches("\\w+")){
            System.out.println("aa");
            out.println("<script type=\"text/javascript\">");
            out.println("alert(\"用户未登录或会话已过期，请重新登录！\");");
            out.println("</script>");
            return;
        }

        User nowUser = new User(null, userInformation[1], userInformation[2], userInformation[3]);

        boolean isuserexist=false;

        String strResp;
        if (userInformation[0].equals("SignIN")) {
            User loginUser = userService.Login(nowUser);
            if (loginUser == null) {
                strResp = "Wrong!";
            }
            else {
                strResp = String.join("~~", String.valueOf(loginUser.getNumber()), loginUser.getUsername(), loginUser.getPassword(), loginUser.getEmail(), "NormalLogin", "Old User");
                isuserexist=true;
            }
        }
        else {
            if (userService.existEmail(nowUser.getEmail())) {
                if(userService.existUser(nowUser)){
                    User currentUser=userService.Update(nowUser);
                    strResp = String.join("~~",String.valueOf(currentUser.getNumber()),currentUser.getUsername(), currentUser.getPassword(), currentUser.getEmail());
                    strResp+="~~Have Signed Once! Password have been changed!~~Old User";
                    isuserexist=true;
                }
                else{
                    strResp="Wrong!";
                }
            }
            else {
                User newUser=userService.Register(nowUser);
                strResp = String.join("~~",String.valueOf(newUser.getNumber()),newUser.getUsername(), newUser.getPassword(), newUser.getEmail());
                strResp+="~~Signed UP success!Welcome!~~New User";
                isuserexist=true;
            }
        }
        if(isuserexist) {
            nowUser =userService.Login(nowUser);
            Cookie cookie =new Cookie("username", nowUser.getUsername());
            response.addCookie(cookie);
            cookie=new Cookie("email", nowUser.getEmail());
            response.addCookie(cookie);
            cookie=new Cookie("password", nowUser.getPassword());
            response.addCookie(cookie);
            request.getSession().setAttribute("email", nowUser.getEmail());
            request.getSession().setAttribute("username", nowUser.getUsername());
            //response.sendRedirect("disc.html");
        }
        out.write(strResp);
    }

    // 处理 POST 方法请求的方法
    @Override
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
        doGet(request, response);
    }
}